l8nite/shell-script-envconsul.sh

## shell-script-envconsul.sh
# read config values from vault and export into the shell
vault_secrets_filename=$(mktemp)
http_response=$(curl --fail --silent --connect-timeout 3 -H "X-Vault-Token: ${VAULT_TOKEN}" -X GET http://vault:8200/v1/secret/${PF_ENV}/${PF_APP} -o $vault_secrets_filename --write-out '%{http_code}')

if [[ "$http_response" = "200" ]]; then
  eval $(cat $vault_secrets_filename | jq -r '.data | to_entries[] | (.key | ascii_upcase | gsub("/";"_")) as $key | (.value) as $val | "export \($key)=${\($key):=\($val)}"')
elif [[ "$http_response" = "404" ]]; then
  echo "Warning: No secrets found in vault."
else
  echo "Fatal: Error connecting to vault! Check $vault_secrets_filename for more details."
  exit 1
fi
rm -f $vault_secrets_filename

# read config values from consul and export into the shell
consul_config_filename=$(mktemp)
http_response=$(curl --fail --silent --connect-timeout 3 -X GET http://consul:8500/v1/kv/config/${PF_ENV}/${PF_APP}?recurse=1 -o $consul_config_filename --write-out '%{http_code}')

if [[ "$http_response" = "200" ]]; then
  eval $(cat $consul_config_filename | jq -r '.[] | (.Key | gsub("config/'"${PF_ENV}/${PF_APP}"'/";"") | ascii_upcase | gsub("/";"_")) as $key | (.Value | @base64d) as $val | "export \($key)=${\($key):=\($val)}"')
elif [[ "$http_response" = "404" ]]; then
  echo "Warning: No configuration found in consul."
else
  echo "Fatal: Error connecting to consul! Check $consul_config_filename for more details."
  exit 1
fi
rm -f $consul_config_filename

$@
	# read config values from vault and export into the shell
	vault_secrets_filename=$(mktemp)
	http_response=$(curl --fail --silent --connect-timeout 3 -H "X-Vault-Token: ${VAULT_TOKEN}" -X GET http://vault:8200/v1/secret/${PF_ENV}/${PF_APP} -o $vault_secrets_filename --write-out '%{http_code}')

	if [[ "$http_response" = "200" ]]; then
	eval $(cat $vault_secrets_filename \| jq -r '.data \| to_entries[] \| (.key \| ascii_upcase \| gsub("/";"_")) as $key \| (.value) as $val \| "export \($key)=${\($key):=\($val)}"')
	elif [[ "$http_response" = "404" ]]; then
	echo "Warning: No secrets found in vault."
	else
	echo "Fatal: Error connecting to vault! Check $vault_secrets_filename for more details."
	exit 1
	fi
	rm -f $vault_secrets_filename

	# read config values from consul and export into the shell
	consul_config_filename=$(mktemp)
	http_response=$(curl --fail --silent --connect-timeout 3 -X GET http://consul:8500/v1/kv/config/${PF_ENV}/${PF_APP}?recurse=1 -o $consul_config_filename --write-out '%{http_code}')

	if [[ "$http_response" = "200" ]]; then
	eval $(cat $consul_config_filename \| jq -r '.[] \| (.Key \| gsub("config/'"${PF_ENV}/${PF_APP}"'/";"") \| ascii_upcase \| gsub("/";"_")) as $key \| (.Value \| @base64d) as $val \| "export \($key)=${\($key):=\($val)}"')
	elif [[ "$http_response" = "404" ]]; then
	echo "Warning: No configuration found in consul."
	else
	echo "Fatal: Error connecting to consul! Check $consul_config_filename for more details."
	exit 1
	fi
	rm -f $consul_config_filename

	$@